Re: Fwd: (KAME-snap 9012) racoon in the kame project

• Previous message: Lowell Gilbert: "Re: Information disclosure?"
• In reply to: Mike Tancsa: "Fwd: (KAME-snap 9012) racoon in the kame project"
• Next in thread: Lupe Christoph: "Re: Fwd: (KAME-snap 9012) racoon in the kame project"
• Reply: Lupe Christoph: "Re: Fwd: (KAME-snap 9012) racoon in the kame project"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 21 Apr 2005 13:56:01 -0000
To: mike@sentex.net (Mike Tancsa)

In article <6.2.1.2.0.20050421090724.04cc1668@64.7.153.2> you wrote:
> FYI, looks like support for Racoon is ending. Does anyone have any
> experience with the version in ipsec-tools ?
I have been using it with FreeBSD 4.11. The only issues I have ran
into is that some of its debug messages use %zu and %zd. The %z
isn't know by 4.x libc and causes a core dump. This issue is easily
fixed with sed. Since 5.x know about %z, this should be a non-issue
for more current versions of FreeBSD.

The ipsec-tools version has support for NAT-T if the kernel has
support. There exist patches for use with the IPSEC option of 4.x
at ipsec-tools source forge site. Yesterday I posted updated patches
to support FAST_IPSEC under 4.11. I had made patches for 5.x but
accidently clobered them. The port is very straight forward.

To save you some time looking for them, The FreeBSD kernel patches
can be found here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/htdocs/

Larry

-- 
------------------------------------------------------------------------
Larry Baird                        | http://www.gta.com
Global Technology Associates, Inc. | Orlando, FL
Email: lab@gta.com                 | TEL 407-380-0220, FAX 407-380-6080
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Lowell Gilbert: "Re: Information disclosure?"
• In reply to: Mike Tancsa: "Fwd: (KAME-snap 9012) racoon in the kame project"
• Next in thread: Lupe Christoph: "Re: Fwd: (KAME-snap 9012) racoon in the kame project"
• Reply: Lupe Christoph: "Re: Fwd: (KAME-snap 9012) racoon in the kame project"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: RE: NAT-T support for IPSec stack ... > and wondering when someone was going to bring this support to FreeBSD. ... FreeBSD seems to be the straggler here. ... we (the Ipsec-tools team) and KAME team agreed a few month ago ... >>I'll contact the ports list for such an integration. ... (freebsd-net) Re: Possibility for FreeBSD 4.11 Extended Support ... Just because someone has a few FreeBSD boxes running light loads and not using the features that we NEED does not mean that any the port 4.11 releases to date are stable. ... If your business is relying on FreeBSD 4.11 and you do not believe the _free_ support you have been getting is adequate, you are always welcome to look through the list at http://www.freebsd.org/commercial/consult_bycat.html and find someone to provide whatever level of support you want. ... patches, ... I wouldn't be surprised if a few more aging and unhandled PR's are flushed from the bug report database as a result of the EoL, but in practice, 4.x will keep running largely as it has since 4.11 was released. ... (freebsd-stable) Re: ProPolice/SSP in 7.0 ... am aware that FreeBSD 7.0 doesn't yet support it though I know of Jeremy Le Hen's patches. ... (FreeBSD-Security) Re: network slowness/freez-up since update 10/11 ... > I think your expectations of support are unrealistic here. ... > FreeBSD is a largely unfunded volunteer open source project. ... Patches are welcome. ... (freebsd-current) Re: Intel 810 and agpgart on 6.0-beta5 ... there is no agpgart support yet for FreeBSD. ... 3D acceleration, no hardware cursor support, ... there _are_ patches for i810 support. ... (freebsd-current)